<%-- 
    Document   : purchase
    Created on : Dec 6, 2011, 3:11:44 AM
    Author     : Michael
--%>

<%@page import="java.util.Calendar"%>
<%@page import="java.util.Random"%>
<%@page contentType="text/html" pageEncoding="UTF-8"%>
<%
    // Gate the page: a session without a "LoggedIn" attribute is sent to
    // index.html, and the return stops the rest of this JSP from running.
    final boolean loggedIn = session.getAttribute("LoggedIn") != null;
    if (!loggedIn) {
        response.sendRedirect("index.html");
        return;
    }
%>
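<%
// Records one purchase: decrements advertisement.AvailableUnits and inserts a
// row into sales, both inside a single database transaction. On success the
// page falls through to the confirmation markup below; on any failure the
// transaction is rolled back, the browser is redirected to gohome.jsp and the
// rest of the page is skipped.
//
// Request parameters read: itemid, itemamount and (non-customer sessions only)
// accountno. Session attributes read: Access, AccountNo.
//
// NOTE(review): this page changes state from request parameters and checks no
// anti-CSRF token itself - confirm one is enforced before this page is reached.
java.sql.Connection conn = null;
java.sql.PreparedStatement idCheck = null;
java.sql.PreparedStatement stockUpdate = null;
java.sql.PreparedStatement saleInsert = null;
boolean purchaseOk = false;
try
{
    // Parse and validate every input before touching the database.
    final int itemId = Integer.parseInt(request.getParameter("itemid"));
    final int itemAmount = Integer.parseInt(request.getParameter("itemamount"));
    if (itemAmount <= 0)
    {
        // A zero or negative quantity would otherwise record a bogus sale and
        // add units back to the advertisement.
        throw new IllegalArgumentException("itemamount must be positive");
    }

    // Fail closed: a session without a role must not fall into the branch that
    // trusts an account number supplied by the client.
    final Object access = session.getAttribute("Access");
    if (access == null)
    {
        throw new IllegalStateException("session has no Access attribute");
    }
    final int accountNo;
    if (access.equals("Customer"))
    {
        // Customers can only buy for the account bound to their own session.
        accountNo = Integer.parseInt(session.getAttribute("AccountNo").toString());
    }
    else
    {
        // NOTE(review): every Access value other than "Customer" may bill any
        // account number taken from the request - confirm that only staff
        // roles can hold such a session.
        accountNo = Integer.parseInt(request.getParameter("accountno"));
    }

    conn = new DBClasses.GetConnection().getConnection();
    // The stock decrement and the sale row must succeed or fail together.
    conn.setAutoCommit(false);

    // Pick an unused transaction ID. One generator is shared by all attempts so
    // that retries produce different values; the number of attempts is bounded
    // so a crowded ID space cannot spin forever.
    // NOTE(review): check-then-insert is still racy between concurrent requests;
    // presumably sales.TransactionID carries a unique constraint - confirm.
    final int maxIdAttempts = 100;
    final java.security.SecureRandom idSource = new java.security.SecureRandom();
    idCheck = conn.prepareStatement(
            "SELECT TransactionID FROM sales WHERE TransactionID = ?");
    int transactionID = -1;
    boolean idFree = false;
    for (int attempt = 0; attempt < maxIdAttempts && !idFree; attempt++)
    {
        transactionID = idSource.nextInt(1000000);
        idCheck.setInt(1, transactionID);
        java.sql.ResultSet rs = idCheck.executeQuery();
        try
        {
            idFree = !rs.next();
        }
        finally
        {
            rs.close();
        }
    }
    if (!idFree)
    {
        throw new IllegalStateException("no free TransactionID found");
    }

    // Decrement stock only when enough units remain; an update count other than
    // one means the advertisement does not exist or the stock is too low.
    // NOTE(review): assumes AvailableUnits must never go negative - confirm.
    stockUpdate = conn.prepareStatement(
            "UPDATE advertisement SET AvailableUnits = AvailableUnits - ?"
            + " WHERE AdvertisementID = ? AND AvailableUnits >= ?");
    stockUpdate.setInt(1, itemAmount);
    stockUpdate.setInt(2, itemId);
    stockUpdate.setInt(3, itemAmount);
    if (stockUpdate.executeUpdate() != 1)
    {
        throw new IllegalStateException("advertisement missing or not enough units");
    }

    saleInsert = conn.prepareStatement("INSERT INTO sales "
            + "(TransactionID, Date, AdID, NumUnits, AccountNo)"
            + " VALUES (?, ?, ?, ?, ?)");
    saleInsert.setInt(1, transactionID);
    saleInsert.setDate(2, new java.sql.Date(System.currentTimeMillis()), Calendar.getInstance());
    saleInsert.setInt(3, itemId);
    saleInsert.setInt(4, itemAmount);
    saleInsert.setInt(5, accountNo);
    saleInsert.executeUpdate();

    conn.commit();
    purchaseOk = true;
}
catch (Exception e)
{
    // Keep the detail in the container log; the user only sees the redirect.
    application.log("purchase.jsp: purchase failed", e);
    if (conn != null)
    {
        try
        {
            conn.rollback();
        }
        catch (java.sql.SQLException rollbackFailure)
        {
            application.log("purchase.jsp: rollback failed", rollbackFailure);
        }
    }
}
finally
{
    // Release JDBC resources on every path; a close failure is best effort.
    java.sql.Statement[] toClose = { idCheck, stockUpdate, saleInsert };
    for (int i = 0; i < toClose.length; i++)
    {
        if (toClose[i] != null)
        {
            try { toClose[i].close(); } catch (java.sql.SQLException ignored) { /* best effort */ }
        }
    }
    if (conn != null)
    {
        try { conn.close(); } catch (java.sql.SQLException ignored) { /* best effort */ }
    }
}
if (!purchaseOk)
{
    // Redirect exactly once and stop, so the success markup is never rendered
    // for a failed purchase.
    response.sendRedirect("gohome.jsp");
    return;
}
%>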
<!DOCTYPE html>
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title>Success</title>
    </head>
    <body>
        <h1>Transaction Successful</h1>
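        <%-- Choose the return link from the session's Access role. A session that has no
             Access attribute gets the customer-facing link instead of raising a
             NullPointerException while the page is rendering. --%>
        <% Object accessRole = session.getAttribute("Access");
           if(accessRole == null || accessRole.equals("Customer")) { %>
            <a href="AdvertisementList.jsp">Click here to return to advertisements</a>
                
        <% } else { %>
            <a href="TransactionList.jsp">Click here to return to transactions</a> <% } %>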
    </body>
</html>
